Print Download PDF Send Feedback

Previous

Next

Working with Virtual Groups

Virtual Groups let you manage groups of users and computers with SmartEndpoint. You can use Virtual Groups with Active Directory for added flexibility or as an alternative to Active Directory.

Objects can be members of more than one virtual group. Members of Active Directory OUs or groups can also be members of Virtual Groups.

The benefits of using Virtual Groups include:

Virtual Groups work much like Active Directory. You can:

Important - You can use virtual groups to manage computers and servers in all environments. To manage users with a virtual group, you must do one of these steps:

  • Use Full Disk Encryption and enable User Acquisition.
  • Import objects into Endpoint Security with the Active Directory Scanner. Afterwards you can move them between virtual groups manually.

Types of Virtual Groups

There are two types of virtual groups:

These predefined virtual groups are created with users and computers assigned to them automatically:

If you add objects to a virtual group with an installation package, the objects are not automatically put into these virtual groups. You must do so manually.

Basic Virtual Group Management

You work with virtual groups in the Virtual Groups branch of the Users and Computers tree. The virtual groups are located under the Virtual Group branch.

When you create a new virtual group, you must set the group type, which you cannot change. Changes to a virtual group are saved automatically and installed immediately.

To create a new virtual group:

  1. In the Users and Computers tree, click Virtual Groups.
  2. Right-click and select New Virtual Group.
  3. In the New Virtual Group window:
    • Enter a name for the group.
    • Optional: Enter a Comment.
    • Select Virtual Group or Computer Group.
  4. Click OK.

To add computers and users from Active Directory to a Virtual Group:

  1. Right-click an OU on the Directories branch of the Users and Computers tree.
  2. Select Add content to Virtual Group.
  3. Select a Virtual Group and click OK.

    All users and computers in the specified OU are added to the Virtual Group. If select one of the default Virtual Groups, only those users and computers applicable to that group are added. For example, if you select the All Laptops Virtual Group, only laptops computers and their users are added to the group.

To copy a user or computer to another virtual group:

  1. Right-click the user, computer or Active Directory group.
  2. Select Add to Virtual Group.
  3. Select the destination virtual group.

The source object becomes a member of the destination group while remaining a member of the source group.

To remove a user or computer from a virtual group:

  1. Right-click the user or computer.
  2. Select Remove from Virtual Group.

Adding Objects with an Installation Package

When you distribute a new Endpoint Security client installation package, you can assign users and computers to a destination group. Computers and users that use this package are automatically assigned to the group when they connect to the server for the first time.

For example, an MSP that services 5 organizations can export 5 installation packages to divide endpoints into 5 different groups. Users who install the package designated for Group A are automatically put in Group A. Users who install the package designated for Group B are automatically put in Group B.

To configure a virtual group destination for an installation package:

  1. In the Users and Computers tab, create a virtual group.
  2. In the Deployment tab, click Packages for Export.
  3. Select a package and change the rule settings to Export to the new virtual group.

    Change other rule settings as necessary. If you are upgrading from version R73 or earlier, make sure that you configure the legacy version passwords.

  4. Right-click the package and select Export Package from the option menu.
  5. In the Export Package window, select the platform type and 32-bit or 64-bit.
  6. Define the path to the directory that the package is saved to.
  7. Click OK.

    The package downloads to the specified location.

Monitoring Virtual Group Objects

Virtual Group objects show in Reporting reports like other objects. You can create for monitoring and other purposes. Endpoints can be members of more than one group.

For example, if you want to do a test of a new Endpoint Security upgrade, you can create a Virtual Group that contains only those endpoints included in the test. Then you can create a report for the deployment and activity of these endpoints.

To see activity for virtual group objects:

  1. Go to the Reporting tab and select Software Deployment from the tree.
  2. Click the ... button in the Endpoint List section of the Software Deployment Status pane.
  3. Select Virtual Groups and then the select the virtual group that you want to see.